Bug 152902 - CAN-2005-0086 less buffer overflow
Summary: CAN-2005-0086 less buffer overflow
Status: CLOSED DUPLICATE
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: Package request (Show other bugs)
(Show other bugs)
Version: unspecified
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL: https://rhn.redhat.com/errata/RHSA-20...
Whiteboard: 1, LEGACY, NEEDSWORK, rh73, rh90
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-02-10 19:21 UTC by Marc Deslauriers
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 19:08:18 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description David Lawrence 2005-03-30 23:31:31 UTC
Victor Ashik discovered a heap based buffer overflow in less, caused by a
patch added to the less package in Red Hat Enterprise Linux 3. An attacker
could construct a carefully crafted file that could cause less to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0086
to this issue.

Info:
https://rhn.redhat.com/errata/RHSA-2005-068.html

This issue may be RHEL3 specific. Must be checked.



------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-10 19:09:27 ----



*** This bug has been marked as a duplicate of 2404 ***



------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:31 -------

This bug previously known as bug 2426 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2426
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.



Comment 1 Red Hat Bugzilla 2006-02-21 19:08:18 UTC
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.


Note You need to log in before you can comment on or make changes to this bug.